Fedoraproject

Fedora

5353 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-9433

  • EPSS 8.6%
  • Veröffentlicht 27.09.2019 19:15:29
  • Zuletzt bearbeitet 21.11.2024 04:51:38

In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers...

7.1

CVE-2019-9371

  • EPSS 17.76%
  • Veröffentlicht 27.09.2019 19:15:24
  • Zuletzt bearbeitet 21.11.2024 04:51:31

In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: An...

6.5

CVE-2019-9325

  • EPSS 8.89%
  • Veröffentlicht 27.09.2019 19:15:21
  • Zuletzt bearbeitet 21.11.2024 04:51:25

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A...

8.8

CVE-2019-9278

  • EPSS 3.75%
  • Veröffentlicht 27.09.2019 19:15:19
  • Zuletzt bearbeitet 21.11.2024 04:51:20

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitatio...

7.5

CVE-2019-9232

  • EPSS 9.27%
  • Veröffentlicht 27.09.2019 19:15:17
  • Zuletzt bearbeitet 21.11.2024 04:51:15

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersion...

7.5

CVE-2019-8075

  • EPSS 1.4%
  • Veröffentlicht 27.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:49:14

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

6.1

CVE-2019-10092

Exploit
  • EPSS 82.38%
  • Veröffentlicht 26.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:18:23

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only ...

5.3

CVE-2019-16910

  • EPSS 0.93%
  • Veröffentlicht 26.09.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:19

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the...

7.5

CVE-2019-14844

  • EPSS 11.7%
  • Veröffentlicht 26.09.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:29

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

5.3

CVE-2019-16738

Exploit
  • EPSS 0.42%
  • Veröffentlicht 26.09.2019 02:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:05

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.